A new security company is up and running with the idea that it's simply not enough to
protect a corporate network anymore. They say it's time to fight back.

But some members of the security industry worry that giving IT managers the tools to attack
their attackers could cause far more serious problems than it would solve.

Symbiot, Inc., a fledgling infrastructure security company based in Austin, Texas, is
getting ready to release its first product at the end of this month. The company's
Intelligent Security Infrastructure Management Solution uses artificial intelligence
software to analyze network patterns, manage attacks on the network and respond to them.

What is causing a stir in the security community is the response part of the plan.

Symbiot's founders are looking to fight back against hackers, virus writers and
denial-of-service attacks by launching counterattacks. It's time, they say, for the
attacked to become the attackers.

''Threats to the enterprise network are evolving at an unprecedented pace,'' says Mike W.
Erwin, president of Symbiot. ''Businesses can no longer afford the substantial financial
resources and manpower associated with the endless loop of building walls and repairing and
rebuilding them after each attack -- only to repeat the process day in and day out.

''Responses would include many different levels, graduated from blocking and quarantining
to more invasive techniques,'' he adds.

So far, however, Symbiot executives are not saying exactly what these 'invasive techniques'
will be. Erwin would only go so far as classifying the countermeasures as 'non-destructive,
destructive-recoverable, and destructive non-recoverable'. He does say that blocking,
shunning and diverting attacks will take care of most threats.

But it's the term 'counterattacks' and what that might mean that has security analysts
concerned.

Launching a retaliatory denial-of-service attack against an aggressor opens up the door to a
whole host of questions. How would that counterattack affect ISPs? What would it do to
network traffic and corporate bandwidth? Would the attack target unsuspecting users whose
computers have been compromised by a virus and now are being used to send spam or
denial-of-service attacks?

''This is not the best of ideas,'' says Steve Sundermeier, a vice president with Medina,
Ohio-based Central Command, Inc., an anti-virus company. ''Think about how Code Red or
Blaster affected bandwidth as a whole. A counterattack would only add additional weight to
the to the bandwidth pressure. That could put the Internet into a crawl.

''You're putting companies at risk,'' he adds. ''You're putting people's livelihoods at
risk... It just isn't a good idea to repay evil with evil.''
See Continuation: How Will ISPs and Users be Affected?